Mercurial Mercurial > hg > mozilla / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
xulrunner version information for beta 13 cycle firefox13
authorWolfgang Rosenauer <wr@rosenauer.org>
Wed, 25 Apr 2012 13:49:50 +0200
branchfirefox13
changeset 436 0d065e025384
parent 434 c50d6cb495a0
child 440 8e36d7509c1b
xulrunner version information for beta 13 cycle
xulrunner/xulrunner.changes file | annotate | diff | comparison | revisions
xulrunner/xulrunner.spec file | annotate | diff | comparison | revisions 
--- a/xulrunner/xulrunner.changes	Wed Apr 25 09:22:47 2012 +0200
+++ b/xulrunner/xulrunner.changes	Wed Apr 25 13:49:50 2012 +0200
@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org
+
+- update to 12.0 (bnc#758408)
+  * rebased patches
+  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+    Miscellaneous memory safety hazards
+  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+    use-after-free in IDBKeyRange
+  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+    Invalid frees causes heap corruption in gfxImageSurface
+  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+    Potential XSS via multibyte content processing errors
+  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+    Potential memory corruption during font rendering using cairo-dwrite
+  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+    WebGL.drawElements may read illegal video memory due to
+    FindMaxUshortElement error
+  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+    Page load short-circuit can lead to XSS
+  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+    Ambiguous IPv6 in Origin headers may bypass webserver access
+    restrictions
+  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+    Crash with WebGL content using textImage2D
+  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+    Off-by-one error in OpenType Sanitizer
+  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+    HTTP Redirections and remote content can be read by javascript errors
+  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+    Potential site identity spoofing when loading RSS and Atom feeds
+- added mozilla-libnotify.patch to allow fallback from libnotify
+  to xul based events if no notification-daemon is running
+- gcc 4.7 fixes
+  * mozilla-gcc47.patch
+  * disabled crashreporter temporarily for Factory
+
 -------------------------------------------------------------------
 Fri Mar  9 21:49:05 UTC 2012 - wr@rosenauer.org
 
--- a/xulrunner/xulrunner.spec	Wed Apr 25 09:22:47 2012 +0200
+++ b/xulrunner/xulrunner.spec	Wed Apr 25 13:49:50 2012 +0200
@@ -43,10 +43,10 @@
 BuildRequires:  wireless-tools
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.0
-BuildRequires:  mozilla-nss-devel >= 3.13.3
+BuildRequires:  mozilla-nss-devel >= 3.13.4
 Version:        12.99
 Release:        0
-%define         releasedate 2012032100
+%define         releasedate 2012042500
 %define         version_internal 13.0
 %define         apiversion 13
 %define         uaweight 1300000
mozilla